4 matches found
Red Hat JBoss BRMS Cross-Site Scripting Vulnerability
Red Hat JBoss BRMS is a suite of platforms for the development of containerized microservices and applications to automate business decisions from Red Hat, USA. A cross-site scripting vulnerability exists in Red Hat JBoss BRMS versions prior to 5.1.0, which stems from a lack of proper validation ...
CVE-2014-0005
PicketBox and JBossSX, as used in Red Hat JBoss Enterprise Application Platform JBEAP 6.2.2 and JBoss BRMS before 6.0.3 roll up patch 2, allows remote authenticated users to read and modify the application sever configuration and state by deploying a crafted application...
Drools: Remote Java Code Execution in MVEL
JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM Suite before 6.0.1 allows remote authenticated users to execute arbitrary Java code via a 1 MVFLEX Expression Language MVEL or 2 Drools expression...
commons-fileupload: Arbitrary file upload via deserialization
The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance...